| Index: content/child/webcrypto/shared_crypto_unittest.cc
|
| diff --git a/content/child/webcrypto/shared_crypto_unittest.cc b/content/child/webcrypto/shared_crypto_unittest.cc
|
| index ea2c624b62ecded08856a059dd1712c06acf1614..ab850ff6636d106fb3747094e4435be1efa21d64 100644
|
| --- a/content/child/webcrypto/shared_crypto_unittest.cc
|
| +++ b/content/child/webcrypto/shared_crypto_unittest.cc
|
| @@ -2,8 +2,6 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| -#include "content/child/webcrypto/shared_crypto.h"
|
| -
|
| #include <algorithm>
|
| #include <string>
|
| #include <vector>
|
| @@ -18,6 +16,7 @@
|
| #include "base/strings/string_number_conversions.h"
|
| #include "base/strings/string_util.h"
|
| #include "base/strings/stringprintf.h"
|
| +#include "content/child/webcrypto/algorithm_dispatch.h"
|
| #include "content/child/webcrypto/crypto_data.h"
|
| #include "content/child/webcrypto/status.h"
|
| #include "content/child/webcrypto/webcrypto_util.h"
|
| @@ -33,6 +32,7 @@
|
| #include <nss.h>
|
| #include <pk11pub.h>
|
|
|
| +#include "crypto/nss_util.h"
|
| #include "crypto/scoped_nss_types.h"
|
| #endif
|
|
|
| @@ -122,6 +122,7 @@ bool SupportsRsaOaep() {
|
| #if defined(USE_OPENSSL)
|
| return false;
|
| #else
|
| + crypto::EnsureNSSInit();
|
| // TODO(eroman): Exclude version test for OS_CHROMEOS
|
| #if defined(USE_NSS)
|
| if (!NSS_VersionCheck("3.16.2"))
|
| @@ -135,6 +136,7 @@ bool SupportsRsaOaep() {
|
| bool SupportsRsaKeyImport() {
|
| // TODO(eroman): Exclude version test for OS_CHROMEOS
|
| #if defined(USE_NSS)
|
| + crypto::EnsureNSSInit();
|
| if (!NSS_VersionCheck("3.16.2")) {
|
| LOG(WARNING) << "RSA key import is not supported by this version of NSS. "
|
| "Skipping some tests";
|
| @@ -445,9 +447,8 @@ const char* const kPublicKeyModulusHex =
|
| "6B6F64C4EF22E1E1F20D0CE8CFFB2249BD9A2137";
|
| const char* const kPublicKeyExponentHex = "010001";
|
|
|
| +// TODO(eroman): Remove unnecessary test fixture.
|
| class SharedCryptoTest : public testing::Test {
|
| - protected:
|
| - virtual void SetUp() OVERRIDE { Init(); }
|
| };
|
|
|
| blink::WebCryptoKey ImportSecretKeyFromRaw(
|
| @@ -1009,12 +1010,23 @@ TEST_F(SharedCryptoTest, AesCbcFailures) {
|
|
|
| // Fail exporting the key in SPKI and PKCS#8 formats (not allowed for secret
|
| // keys).
|
| - EXPECT_EQ(Status::ErrorUnexpectedKeyType(),
|
| + EXPECT_EQ(Status::ErrorUnsupportedExportKeyFormat(),
|
| ExportKey(blink::WebCryptoKeyFormatSpki, key, &output));
|
| - EXPECT_EQ(Status::ErrorUnexpectedKeyType(),
|
| + EXPECT_EQ(Status::ErrorUnsupportedExportKeyFormat(),
|
| ExportKey(blink::WebCryptoKeyFormatPkcs8, key, &output));
|
| }
|
|
|
| +TEST_F(SharedCryptoTest, ImportAesCbcSpkiFailure) {
|
| + blink::WebCryptoKey key = blink::WebCryptoKey::createNull();
|
| + ASSERT_EQ(Status::ErrorUnsupportedImportKeyFormat(),
|
| + ImportKey(blink::WebCryptoKeyFormatSpki,
|
| + CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)),
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| + true,
|
| + blink::WebCryptoKeyUsageEncrypt,
|
| + &key));
|
| +}
|
| +
|
| TEST_F(SharedCryptoTest, MAYBE(AesCbcSampleSets)) {
|
| scoped_ptr<base::ListValue> tests;
|
| ASSERT_TRUE(ReadJsonTestFileToList("aes_cbc.json", &tests));
|
| @@ -1367,15 +1379,15 @@ TEST_F(SharedCryptoTest, ImportJwkFailures) {
|
| ImportKeyJwk(
|
| CryptoData(bad_json_vec), algorithm, false, usage_mask, &key));
|
|
|
| - // Fail on JWK alg present but unrecognized.
|
| + // Fail on JWK alg present but incorrect (expecting A128CBC).
|
| dict.SetString("alg", "A127CBC");
|
| - EXPECT_EQ(Status::ErrorJwkUnrecognizedAlgorithm(),
|
| + EXPECT_EQ(Status::ErrorJwkAlgorithmInconsistent(),
|
| ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
|
|
| // Fail on invalid kty.
|
| dict.SetString("kty", "foo");
|
| - EXPECT_EQ(Status::ErrorJwkUnrecognizedKty(),
|
| + EXPECT_EQ(Status::ErrorJwkUnexpectedKty("oct"),
|
| ImportKeyJwkFromDict(dict, algorithm, false, usage_mask, &key));
|
| RestoreJwkOctDictionary(&dict);
|
|
|
| @@ -1734,7 +1746,19 @@ TEST_F(SharedCryptoTest, MAYBE(ImportJwkInputConsistency)) {
|
|
|
| // Fail: Input algorithm (AES-CBC) is inconsistent with JWK value
|
| // (HMAC SHA256).
|
| - EXPECT_EQ(Status::ErrorJwkAlgorithmInconsistent(),
|
| + dict.Clear();
|
| + dict.SetString("kty", "oct");
|
| + dict.SetString("alg", "HS256");
|
| + dict.SetString("k", "l3nZEgZCeX8XRwJdWyK3rGB8qwjhdY8vOkbIvh4lxTuMao9Y_--hdg");
|
| + EXPECT_EQ(
|
| + Status::ErrorJwkAlgorithmInconsistent(),
|
| + ImportKeyJwkFromDict(dict,
|
| + CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| + extractable,
|
| + blink::WebCryptoKeyUsageEncrypt,
|
| + &key));
|
| + // Fail: Input usage (encrypt) is inconsistent with JWK value (use=sig).
|
| + EXPECT_EQ(Status::ErrorJwkUseInconsistent(),
|
| ImportKeyJwk(CryptoData(json_vec),
|
| CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| extractable,
|
| @@ -2037,7 +2061,7 @@ TEST_F(SharedCryptoTest, MAYBE(ImportExportSpki)) {
|
| &key));
|
|
|
| // Failing case: Import RSA key but provide an inconsistent input algorithm.
|
| - EXPECT_EQ(Status::DataError(),
|
| + EXPECT_EQ(Status::ErrorUnsupportedImportKeyFormat(),
|
| ImportKey(blink::WebCryptoKeyFormatSpki,
|
| CryptoData(HexStringToBytes(kPublicKeySpkiDerHex)),
|
| CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| @@ -2054,7 +2078,7 @@ TEST_F(SharedCryptoTest, MAYBE(ImportExportSpki)) {
|
|
|
| // Failing case: Try to export a previously imported RSA public key in raw
|
| // format (not allowed for a public key).
|
| - EXPECT_EQ(Status::ErrorUnexpectedKeyType(),
|
| + EXPECT_EQ(Status::ErrorUnsupportedExportKeyFormat(),
|
| ExportKey(blink::WebCryptoKeyFormatRaw, key, &output));
|
|
|
| // Failing case: Try to export a non-extractable key
|
| @@ -2137,7 +2161,7 @@ TEST_F(SharedCryptoTest, MAYBE(ImportExportPkcs8)) {
|
| // and usage. Several issues here:
|
| // * AES-CBC doesn't support PKCS8 key format
|
| // * AES-CBC doesn't support "sign" usage
|
| - EXPECT_EQ(Status::ErrorCreateKeyBadUsages(),
|
| + EXPECT_EQ(Status::ErrorUnsupportedImportKeyFormat(),
|
| ImportKey(blink::WebCryptoKeyFormatPkcs8,
|
| CryptoData(HexStringToBytes(kPrivateKeyPkcs8DerHex)),
|
| CreateAlgorithm(blink::WebCryptoAlgorithmIdAesCbc),
|
| @@ -3430,8 +3454,6 @@ TEST_F(SharedCryptoTest, MAYBE(UnwrapAesCbc192)) {
|
|
|
| class SharedCryptoRsaOaepTest : public ::testing::Test {
|
| public:
|
| - SharedCryptoRsaOaepTest() { Init(); }
|
| -
|
| scoped_ptr<base::DictionaryValue> CreatePublicKeyJwkDict() {
|
| scoped_ptr<base::DictionaryValue> jwk(new base::DictionaryValue());
|
| jwk->SetString("kty", "RSA");
|
| @@ -3533,7 +3555,7 @@ TEST_F(SharedCryptoRsaOaepTest, ImportPublicJwkWithMismatchedTypeFails) {
|
| jwk->SetString("alg", "RSA-OAEP");
|
|
|
| blink::WebCryptoKey public_key = blink::WebCryptoKey::createNull();
|
| - ASSERT_EQ(Status::ErrorJwkPropertyMissing("k"),
|
| + ASSERT_EQ(Status::ErrorJwkUnexpectedKty("RSA"),
|
| ImportKeyJwkFromDict(*jwk.get(),
|
| CreateRsaHashedImportAlgorithm(
|
| blink::WebCryptoAlgorithmIdRsaOaep,
|
|
|
Chromium Code Reviews
